To fix this error, you just need to use a larger key size. For example, if the SHA 512 bit is selected, the key may be 1024 bits. But you will work with a key of the same (512) or shorter length.
BouncyCastle just gives us an unacceptable error message. But std lib is doing its job right. Compare them:
// using a 512 bit key here // leads to this error message if Sun standard provider is used Signature sig = Signature.getInstance("SHA512withRSA", "SunRsaSign"); rsa.initSign(privateKey); rsa.update(data); rsa.sign(); java.security.InvalidKeyException: Key is too short for this signature algorithm at sun.security.rsa.RSASignature.initCommon(RSASignature.java:129) at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:111) at sun.security.rsa.RSASignature.engineInitSign(RSASignature.java:101) at java.security.Signature$Delegate.engineInitSign(Signature.java:1127) at java.security.Signature.initSign(Signature.java:511) // using a 512 bit key here // leads to this error message if the BounceCastle provider is used Signature sig = Signature.getInstance("SHA512withRSA", "BC"); ... java.security.SignatureException: java.lang.IllegalArgumentException: input data too large at org.bouncycastle.jce.provider.JDKDigestSignature.engineSign(Unknown Source) at java.security.Signature$Delegate.engineSign(Signature.java:1160) at java.security.Signature.sign(Signature.java:553)